Receiving "Your Connection not secure" When Going to JMU Sites

We get our SSL certificates from the InCommon Alliance who resells Comodo/Sectigo certs to HigherEd. Comodo used to issue from the AddTrust root that was valid from 2000 until roughly Saturday 2020. Somewhere around 2015, they saw the expiration coming and issued a new root under the USERTrust name. Knowing it would take a few years to circulate, they arranged a cross-signing, where AddTrust signs the USERTrust root, allowing a client to choose either path to validate a certificate. Once we pass

Because of a change in Certificate requirements from JMU's third-party vendor due to changes in security, certain outdated browsers (such as Chrome and Safari) and Operating Systems (primarily Apple macOS 10.11 and lower) are unable to access certain JMU-hosted sites such as canvas.jmu.edu.

To adjust for this, customers can do one of three options:

1. Log into JMU-hosted sites from an alternate device that is current and up-to-date.
2. Use an alternate browser, such as Mozilla Firefox (Note: This may be a temporary fix, as alternate browsers may begin acting in the same manner at any time, without warning).
3. Attempt to update or upgrade your Operating System to a more current version through the Apple App Store.

• If there is no current update available within the Apple App Store, a stored update files may be visible within the Applications Folder within Finder
• Prior to any update, it is best practice to backup and store all important information and data to an external drive or to a cloud service.